Ubuntu 16.06 Server Firewall (iptables), open port 80 and 443

# Install iptables-persistent (run as root). It pulls in the netfilter-persistent
# service used below, which restores saved rules at boot.
apt-get install -y iptables-persistent

# Save the currently loaded ruleset to the persistent rules files
# (/etc/iptables/rules.v4 for IPv4) so it is restored at startup.
# This overwrites whatever was saved there before.

invoke-rc.d netfilter-persistent save

# Stop netfilter-persistent Service before editing the rules file by hand.
# NOTE(review): whether "stop" also flushes the live ruleset depends on the
# package configuration (FLUSH_ON_STOP in /etc/default/netfilter-persistent);
# confirm, so the host is not left unfiltered while the file is edited.

service netfilter-persistent stop

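Add the following lines to /etc/iptables/rules.v4, above the final "-A INPUT -j REJECT" rule. Rules are matched in order, so an ACCEPT placed after the REJECT never takes effect: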

-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 443 -j ACCEPT

example of rules.v4 content:
# Generated by iptables-save v1.6.0 on Sun Aug 13 11:50:58 2017
# Example IPv4 filter table: inbound SSH (22), HTTP (80) and HTTPS (443) are
# accepted and all other inbound traffic is rejected. Rules are evaluated top
# to bottom and the first terminating match wins, so rule order matters.
# NOTE(review): this file governs IPv4 only; IPv6 is loaded from a separate
# file (rules.v6 under iptables-persistent) and needs its own review.
*filter
# Built-in chain policies are ACCEPT. The inbound default-deny therefore comes
# only from the final REJECT rule in INPUT, not from the chain policy.
# OUTPUT has no rules, so outbound traffic is unrestricted.
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [226:36784]
# User-defined chain; presumably created by fail2ban's sshd jail -- confirm.
:f2b-sshd - [0:0]
# SSH packets are passed through f2b-sshd first; the chain's RETURN rule below
# hands them back to INPUT when nothing in the chain has matched.
-A INPUT -p tcp -m multiport --dports 22 -j f2b-sshd
# Accept packets belonging to, or related to, already tracked connections.
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
# Accept all ICMP types (no type filter or rate limit is applied here).
-A INPUT -p icmp -j ACCEPT
# Accept everything arriving on the loopback interface.
-A INPUT -i lo -j ACCEPT
# Accept new SSH connections.
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
# Accept HTTP and HTTPS. ESTABLISHED packets already match the
# RELATED,ESTABLISHED rule above, so in practice only NEW is decided here.
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW,ESTABLISHED --dport 443 -j ACCEPT
# Catch-all: reject every inbound packet not accepted above.
-A INPUT -j REJECT --reject-with icmp-host-prohibited
# NOTE(review): this rule sits after the unconditional REJECT, so it can never
# match. Port 80 is already opened by the earlier --dport 80 rule; this line is
# dead and can be removed. New ACCEPT rules must be placed above the REJECT.
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
# Reject all forwarded traffic (this host does not route for others).
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
# Hand control back to INPUT when no earlier rule in this chain matched.
-A f2b-sshd -j RETURN
COMMIT
# Completed on Sun Aug 13 11:50:58 2017
# The commands below are run in a root shell; they are not part of rules.v4.
# Start netfilter-persistent Service, which loads the saved rules files.
service netfilter-persistent start
# Check that the rules were applied. Plain `iptables -L` omits interfaces, so the
# loopback-only ACCEPT looks like an accept-all rule; `iptables -S` or
# `iptables -L -n -v --line-numbers` shows the exact rules and their order,
# which is what determines whether the ACCEPTs sit above the final REJECT.
iptables -L